Security Identifier (SID) to User Identifier (uid) ResolutionSystem
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Dec 31 09:42:40 GMT 1999
john, thx 4 input.
> > simulate NT ACLs, you mean. and the mapping between NT ACLs and unix
> > file/directory permissinos does not depend on the target unix host having
> > ACLs (see above).
> It supplies nowhere near the same utility. Obviously it can be done, and is
> being done, but you are basically limited to the owner and two built in
> groups, and having to deal with the READONLY bit.
> Setting a file READONLY is easy. Clearing the READONLY bit is problematic
> for a POSIX based security system. Should it be cleared for just Owner, or
> also for Group and World?
> (I do not quite remember what SAMBA actually does in this case.) The
> current main VMS port ignores those attributes, and I have not coded a
> better implementation other than to accurately report the current ones for
> the file.)
this is an "encapsulated" problem, as part of the "simulation" of NT ACLs,
using traditional unix file permissions.
apreciate you bringing this up.
More information about the samba-technical